Switch: instance for VLAN configuration of Cisco L3 switch + L2 Switch

An instance of VLAN configuration for Cisco L3 switches and L2 Switches

Cisco VLAN implementation is usually port-centric. The port connected to the node determines the VLAN in which it resides. There are two ways to allocate a port to a VLAN: Static and Dynamic. The process of creating a static VLAN is to forcibly allocate the port to a VLAN. That is, we first create a VLAN on The VTP (VLAN Trunking Protocol) server, and then assign each port to the corresponding VLAN. This is the most common method for creating VLANs.

　　

Dynamic VLAN formation is simple. The port determines the VLAN to which it belongs. That is

We first set up a vmps (VLAN Membership Policy Server) VLAN management policy server, which contains a text file containing the MAC address table mapped to the VLAN. The switch uses this ing to determine the VLAN to which the port is allocated. This method has great advantages, but it is very difficult and tedious to create a database.

　　

The following example shows how to implement VLAN in a typical Fast Ethernet LAN. A typical LAN is to connect a core switch with a layer-3 Switch to several Branch switches (not necessarily capable of layer-3 switching ). Assume that the core switch name is com, and the Branch switches are par1, par2, par3 ......, The light module of port1 is connected to the core switch, and the VLAN names are counter, market, and managing .......

　　

1. Set VTP domain

It is called a management domain. All switches that exchange VTP update information must be configured with the same management domain. If all the switches are connected by a trunk, you only need to set a management domain on the core switch, and all the switches on the network are added to this domain, in this way, all the switches in the management domain can understand the VLAN list of each other.

　　

Com # Switch VLAN database to VLAN configuration mode

　　

COM (VLAN) # VTP domain COM set VTP management domain name com

　　

COM (VLAN) # vtp server sets the switch to the server mode

　　

Par1 # Switch VLAN database to VLAN configuration mode

　　

Par1 (VLAN) # Set VTP domain com

　　

Par1 (VLAN) # VTP client sets the switch to the client Mode

　　

Par2 # Switch VLAN database to VLAN configuration mode


Par2 (VLAN) # Set VTP domain com

　　

Par2 (VLAN) # VTP client sets the switch to the client Mode

　　

Par3 # Switch VLAN database to VLAN configuration mode

　　

Par3 (VLAN) # Set VTP domain com

　　

Par3 (VLAN) # VTP client sets the switch to the client Mode

　　

Note: To set the vswitch to the server mode, you can create, modify, and delete VLANs and other configuration parameters for the entire VTP domain on the vswitch, synchronize the latest VLAN information transmitted by other switches in The VTP domain. The client Mode means that the vswitch cannot create, delete, or modify VLAN configurations, nor store VLAN configurations in NVRAM, however, the VLAN information transmitted by other switches in The VTP domain can be synchronized.

　　

2. Configure Relay

　　

To ensure that the management domain can cover all Branch switches, relay must be configured. The Cisco switch can support any media as a trunk line. To achieve relay, you can use its unique isl tag. ISL (Inter-switch link) is a protocol for transmitting VLAN information and VLAN data streams between switches, between switches and routers, and between switches and servers, by configuring isl encapsulation on the port directly connected to the vswitch, you can allocate and configure VLANs across the entire network.

　　

The core switch is configured as follows:

　　

COM (config) # interface gigabitethernet 2/1

　　

COM (config-If) # switchport

　　

COM (config-If) # switchport trunk encapsulation isl

　　

COM (config-If) # switchport mode trunk

　　

COM (config) # interface gigabitethernet 2/2

　　

COM (config-If) # switchport

　　

COM (config-If) # switchport trunk encapsulation isl

　　

COM (config-If) # switchport mode trunk

　　

COM (config) # interface gigabitethernet 2/3

　　

COM (config-If) # switchport

　　

COM (config-If) # switchport trunk encapsulation isl

　　

COM (config-If) # switchport mode trunk

　　

The configuration on the branch switch side is as follows:

　　

Par1 (config) # interface gigabitethernet 0/1

　　

Par1 (config-If) # switchport mode trunk

　　

Par2 (config) # interface gigabitethernet 0/1

　　

Par2 (config-If) # switchport mode trunk

　　

Par3 (config) # interface gigabitethernet 0/1

　　

Par3 (config-If) # switchport mode trunk

　　

......

　　

Now, the management domain is set.

　　

3. Create a VLAN

　　

Once a management domain is created, you can create a VLAN.

　　

COM (VLAN) # VLAN 10 name counter creates a VLAN numbered 10 and named counter.

　　

COM (VLAN) # VLAN 11 name market creates a VLAN numbered 11 and named Market

　　

COM (VLAN) # VLAN 12 name managing creates a VLAN numbered 12 and named managing.

　　

......

　　

Note that the VLAN here is created on the core switch. In fact, as long as the VLAN is created on any VTP vswitch with the server attribute in the management domain, it notifies all switches in the entire management domain through VTP. However, if you want to add a vswitch port to a VLAN, you must configure the port on the vswitch to which the port belongs.

　　

4. Route vswitch ports to VLAN

　　

For example, par1, par2, par3 ...... Port 1 of the branch switch is allocated to the counter VLAN, Port 2 is allocated to the market VLAN, and Port 3 is allocated to the management VLAN ......

　　

Par1 (config) # interface fastethernet 0/1 Configure port 1

　　

Par1 (config-If) # switchport access VLAN 10 belongs to the counter VLAN

　　

Par1 (config) # interface fastethernet 0/2 Configure port 2

　　

Par1 (config-If) # switchport access VLAN 11 belongs to the market VLAN

　　

Par1 (config) # interface fastethernet 0/3 Configure port 3

　　

Par1 (config-If) # switchport access VLAN 12 belongs to the management VLAN

　　

Par2 (config) # interface fastethernet 0/1 Configure port 1

　　

Par2 (config-If) # switchport access VLAN 10 belongs to the counter VLAN

　　

Par2 (config) # interface fastethernet 0/2 Configure port 2

　　

Par2 (config-If) # switchport access VLAN 11 belongs to the market VLAN

　　

Par2 (config) # interface fastethernet 0/3 Configure port 3

　　

Par2 (config-If) # switchport access VLAN 12 belongs to the management VLAN

　　

Par3 (config) # interface fastethernet 0/1 Configure port 1

Par3 (config-If) # switchport access VLAN 10 belongs to the counter VLAN

　　

Par3 (config) # interface fastethernet 0/2 Configure port 2

　　

Par3 (config-If) # switchport access VLAN 11 belongs to the market VLAN

　　

Par3 (config) # interface fastethernet 0/3 Configure port 3

　　

Par3 (config-If) # switchport access VLAN 12 belongs to the management VLAN

　　

......

　　

5. configure Layer-3 Switching

　　

Now, VLAN division is complete. However, how does one implement layer-3 (Network Layer) switching between VLANs? In this case, we need to allocate Network (IP) addresses to each VLAN. You can assign an IP address to a VLAN in two ways: one is to assign a static IP address to all nodes in the VLAN, and the other is to assign a dynamic IP address to all nodes in the VLAN. The two cases are described below.

　　

Assume that the interface IP address assigned to the VLAN counter is 172.16.58.1/24, the network address is 172.16.58.0, And the VLAN

　　

The interface IP address allocated by market is 172.16.59.1/24, the network address is 172.16.59.0, And the VLAN

　　

The IP address of the management interface is 172.16.60.1/24, and the network address is 172.16.60.0 ....... If an IP address is dynamically assigned, set the IP address of the DHCP server on the network to 172.16.1.11.

　　

(1) assign a static IP address to all nodes in the VLAN

　　

First, set the interface IP addresses of each VLAN on the core switch, as shown below:

　　

COM (config) # interface VLAN 10

　　

COM (config-If) # IP address 172.16.58.1 255.255.255.0 vlan10 interface IP

　　

COM (config) # interface VLAN 11

　　

COM (config-If) # IP address 172.16.59.1 255.255.255.0 vlan11 interface IP

　　

COM (config) # interface VLAN 12

　　

COM (config-If) # IP address 172.16.60.1 255.255.255.0 vlan12 interface IP

　　

......

　　

Then, set the IP address that is consistent with the network address of the VLAN on the computer of each access VLAN, and set the default gateway as the interface address of the VLAN. In this way, all VLANs can access each other.

　　

(2) Assign Dynamic IP addresses to all nodes in the VLAN

　　

First, set the interface IP address of each VLAN and the IP address of the DHCP server on the core switch, as shown below:

　　

COM (config) # interface VLAN 10

　　

COM (config-If) # IP address 172.16.58.1 255.255.255.0 vlan10 interface IP

　　

COM (config-If) # IP helper-address 172.16.1.11 DHCP server IP

　　

COM (config) # interface VLAN 11

　　

COM (config-If) # IP address 172.16.59.1 255.255.255.0 vlan11 interface IP

　　

COM (config-If) # IP helper-address 172.16.1.11 DHCP server IP

　　

COM (config) # interface VLAN 12

　　

COM (config-If) # IP address 172.16.60.1 255.255.255.0 vlan12 interface IP

　　

COM (config-If) # IP helper-address 172.16.1.11 DHCP server IP

　　

......

　　

On the DHCP server, set the network addresses to 172.16.58.0, 172.16.59.0, and 172.16.60.0 respectively, and set the "Router" option of these scopes to the interface IP address of the corresponding VLAN. In this way, all VLANs can be exchanged.

　　

Finally, you can set the network in the computer of each access VLAN and set the IP address option to automatically obtain the IP address.